My TechDecisions

Compliance, IT Infrastructure, Network Security, News

How To Safely Reintroduce Devices Onto School Networks

School IT professionals should take a methodical approach when bringing devices back onto school networks after several months of distance learning.

Leave a Comment

School Networks Distance Learning

Distance learning helped students and educators connect during the pandemic-induced lockdown, but returning to the physical school buildings with devices that have been home for more than a year could introduce significant cyber risk to the organization at a time when schools are an attractive target of cybercriminals.

When schools closed their buildings last and quickly transitioned to complete distance learning, many schools distributed laptops and other devices to students and faculty to keep learning continuous.

Depending on what kind of devices they were, the school policy governing the use of those devices and the school’s ability to manage and secure them, schools everywhere could be introducing thousands of unsecure and compromised devices.

“They’ve been left potentially … without attention for a period of X number months,” says John Shier, a senior security advisor at cybersecurity giant Sophos.  

The cyber risk of reopening schools

According to Shier, there are myriad unknowns about the security of those devices, how they were used outside of the school, and who was responsible for keeping them secure.

Schools are beginning to welcome students and faculty back to the building full time as the pandemic begins to ease and vaccines are given, but those school-owned devices being reintroduced to the school’s network could be compromised.

Already, schools are increasingly targeted by malicious cyber actors, and U.S. agencies are warning K-12 institutions about an uptick in ransomware, data theft and other attack methods.

Shier says there was an uptick at the beginning of this school year as some school districts transitioned to a hybrid model of education and relied heavily on that technology to educate students. Ransomware, in particular, has been one of the main cyber threats facing schools.

Depending on how schools manage those devices, they have varying degrees of ability to prevent them from being compromised and keep them patched and up to date.

“So when all these devices are coming back in, there’s a degree of risk,” Shier says.

Luckily for most school districts, they standardize on Google accounts and Chromebooks for students, which are typically very secure.

“There’s not a lot you can do on a Chromebook beyond just use the browser,” he says.

On Windows or Mac computers, that risk becomes greater since they require more security software and patches.

Massive phishing campaigns or credential stealing schemes could hit the users of these laptops, and cybercriminals could then use those credentials to gain access into the critical IT infrastructure of a school district.

“They are getting credential somewhere and then using that to attack the infrastructure and getting a foothold that way, or planting backdoors and planting persistence points. Or they’re exploiting things like the VPN vulnerabilities, exposed RDP or remote access points, they’re brute forcing their way in or finding other ways to get into the network that way,” Shier says. “And then from there, they’re moving around.”

How to safely and securely bring devices back to the school

According to Shier, school IT and security professionals should take a very methodical approach to bringing those laptops and other devices back into the school buildings and school networks.

Set up a separate network

Especially for non-Chromebook devices, administrators should set up a separate network for those devices to give them a thorough scan and clean them of anything that shouldn’t be there.

To do that, make sure the devices don’t automatically connect to the existing Wi-Fi network. Or, administrators can segregate that part of the network to make sure laptops aren’t just jumping onto the production network.

Make sure the devices are up to date

Next, the devices should be scanned to make sure they all have necessary security updates and patches, if administrators weren’t able to do so when the devices are at home.

Scan them deeply for malware and other compromise

Shier suggests a deep scan of the laptops to make sure they aren’t riddled with malware or otherwise compromised. This should also give administrators the ability to make sure that all necessary security software is still functional.

Transition them back to the network

Once the IT team is sure that the devices are free of compromise and up to date, they can start to bring them back onto the network.

‘Once you get a clean bill of health, then you can transition those devices back to the network,” Shier says.

Reader Interactions

Leave a Reply

Your email address will not be published.

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Harnessing the Power of Digital Signage
Harnessing the Power of Digital Signage

Choosing the best solutions for messaging, branding, and communicating in today’s content-everywhere landscape

Blueprint Series Cover: What works for hybrid work
Blueprint Series: What Works for Hybrid Work

Download this free resource to learn about how IT leaders can effectively manage and implement a hybrid work model.

Guide to creating a ransomware response plan download
Blueprint Series: Creating a Ransomware Response Plan

Chances are ransomware hackers are researching your company right now. They’re investing time and money to choose the most profitable targets and a...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ